> and the mega corp, like Facebook will only just barely experience anything like this because it’s just not that important.
I worked at Microsoft, and speaking to their security team my impression was that MSFT is under persistent attack from nation states on a non stop basis, up to and including working to get government assets hired to work at Microsoft to leak secrets out.
Given the importance of AWS, I have no doubt Amazon is under similar threat.
For Microsoft to be in such a position makes sense, as they provide services for both US military and government (which also includes agencies), as well as for some infrastructure services. This is a pretty unique situation, compared to most other big tech companies.
Hell, there is a whole “Azure for US Government” product out there just for that, and that’s in addition to the usual AD/OneDrive/SharePoint/Windows/etc. suspects.
I would imagine Microsoft is a bit different because of the OS. If you can hack Windows you have access to nearly every institution in the world. Linux and iOS don't have that reach. No need to hack AWS, you hacked the computer that is logging into AWS.
The majority of cloud infrastructure is run on Linux.
You're saying there's no need to hack Linux when it's easier to hack Windows, and therefore Microsoft has better security fundamentals as the providers of a less secure but more prevalent OS? I don't follow the argument.
But how does Microsoft having better security fundamentals follow from that? The extent of pwnage possible doesn't magically make them follow best practices.
I worked at Microsoft, and speaking to their security team my impression was that MSFT is under persistent attack from nation states on a non stop basis, up to and including working to get government assets hired to work at Microsoft to leak secrets out.
Given the importance of AWS, I have no doubt Amazon is under similar threat.